Apple has mentioned numerous times in the past several weeks its promise to offer iOS 8 device users, including buyers of the new iPhone 6, both improved security and privacy. In the process, the company has clarified that it does not possess the keys to iOS 8 data encryption. Data is protected by a unique user PIN code, and, therefore, Apple cannot provide access to that data to law enforcement agencies nationwide. It turns out that the updated data encryption is so fantastic that law enforcement agencies are highly vocal in their criticism of iOS 8 encryption, and are thus inadvertently advertising this new iOS strength.
Per information provided by Reuters, U.S. Attorney General Eric Holder expressed his concern that officers of the law would be unable to obtain information required in the investigation of a crime. Holder contends it is possible to permit law enforcement officers to execute investigations involving Apple or Google devices while still providing adequate protection for personal privacy.
FBI director James Comey views the topic as one in which companies are marketing a smartphone expressly to allow buyers to place themselves beyond the law.
Are either U.S. Attorney General Eric Holder or FBI director James Comey correct in their assertions that Apple and Google are facilitating criminal action?
What both Google and Apple have done falls under the auspices of the law, and they are under no obligation to decrypt data if the manufacturer itself cannot access your phone records on their own. From 47 U.S. Code § 1002:
“A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication.”
It was just yesterday that top officials were suggesting that we encrypt most data to protect the information from hackers.
“An example would be encrypting data so the hacker can’t read it, or having redundant systems that can readily be reconstituted in the event of an attack.”
The privacy upgrades from Google and Apple were not implemented to keep law enforcement from accessing the iPhone data of a criminal. Said upgrades were put in place to protect our security. People widely understand that a backdoor for law enforcement access will inevitably provide criminals the access they require, and it is just such access that had China’s phone regulator briefly stalling on iPhone approval. Apple had to promise never to install backdoors to give access to user information.
One would think government officials would be happy that Google and Apple are making it more difficult for foreign governments, like Russia, and criminals to hack your phone or steal your personal information. Consumers are justifiably concerned about government control of out information. It’s a tough balance between that concern and protecting cybersecurity.